Contingency planning process Data in the Critical system is replicated every Wednesday from the primary processing site in Washington, DC to an alternate processing site in Omaha, Nebraska on a near real-time basis. The server room is open to all employees to enable easy coverage for the IT team, should someone be out of the office. Critical has a security categorization of High, a recovery time objective (FlTO) of six hours and a recovery point objective (RPO) of one hour. There is a policy that requires that functional tests be performed at least every other year for systems with high security categorizations. Company management has not performed a functional exercise in five years due to resource limitations. The security manager and program manager performed a test five years ago when they reviewed the contact information in the Information System Contingency Plan. Instructions 1. Identify control weaknesses in the process. 2. For each weakness identified, document the condition, criteria and effect of the weakness